The Cross Market Operational Resilience Group's (CMORG) AI Taskforce has released its AI Baseline Guidance Review (dated January 2025), accompanied by a press release. The CMORG AI Taskforce conducted a baseline review of existing guidance on the mitigation of generative-AI (Gen-AI) risks and developed materials on good practice in the financial sector.
The review covers guidance on:
- Government and Regulatory Approaches: A broad overview of the approach authorities take to balance Gen-AI opportunity and risk, including a snapshot of emerging regulation.
- Risk Management Principles and Frameworks: An outline of various principles and risk frameworks, with a description of their role in managing operational, reputational, and compliance risks relative to Gen-AI.
- Technical Implementation: Standards firms should consider when deploying control frameworks to manage the risks associated with Gen-AI adoption and implementation. The guidance focuses on data protection and privacy, cyber information security and model risk.
- Third Party and Legal Considerations: Considerations regarding third-party and legal risk arising from Gen-AI usage, prompting firms to identify roles and responsibilities along the supply chain and determine the permitted usage of Gen-AI solutions by third parties.
- Education and Awareness: Guidance for building and embedding a 'responsible AI' culture and advice for upskilling colleagues to mitigate Gen-AI risks and threats.
[View source.]
